One socket, multiple http request, different Host header but server returns cached Host header

Question

I am using a custom servlet engine of a vendor product. Our server are fronted by different proxy with different host names. Assuming the host names are host1.localhost.com and host2.localhost.com.

We have following servlet

public class MyServlet {

    public void doGet(...) {

             response.getOutputStream.write(request.getServerName().getBytes())
} }

We encountered an issue that some times if we make a request host1.localhost.com/my/servlet we see actually see host2.localhost.com/my/servlet in the response.

Decompiling vendor product's code revealed that their servlet engine caches the Host header as long as the socket is kept alive.

In attempt to reproduce the problem I wrote some low level socket code to make HTTP requests:

Socket s = new Socket();
s.connect(new InetSocketAddress("host2.localhost.com", 8080));
OutputStream os = s.getOutputStream();

/*this thread keeps printing stuff in the input stream*/
Thread t = new ResponsePrintThread(s.getInputStream());
t.start()

os.write("GET /my/servlet/testservlet HTTP/1.1\r\n".getBytes());
os.write("Host: 12345\r\n".getBytes());
os.write("\r\n".getBytes());
os.flush();

os.write("GET /my/serlet/testservlet HTTP/1.1\r\n".getBytes());
os.write("Host: 7891011\r\n".getBytes());
os.write("\r\n".getBytes());
os.flush();

The above will print

12345
12345

But I would expect

12345
7891011

My question is, does the servlet engine behave correctly by caching and returning the same host header for the same socket connection, or should it re-parse the HTTP headers and update the cached host header? My Thinking is that since HTTP suppose to be stateless, so any information in the HTTP request should be re-parsed and reloaded, even the host header.

Answer 1

HTTP is a little vague on how connections are made between client and server:

https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-p1-messaging-22#section-6.2

It is beyond the scope of this specification to describe how connections are established via various transport or session-layer protocols.

I don't see anything wrong if a client uses one persistent connection for two host names that resolve to the same IP. It ought not to cause any problem on the server side.